Re: [DNG] Complete system HDD encryption w/o LLVM.

Dimitris via Dng Thu, 01 Oct 2020 04:52:56 -0700


On 10/1/20 2:30 PM, Olaf Meeuwissen via Dng wrote:

- /etc?  'cause you might end up saving clear text passwords there ...
          Oh!  I found one below/etc/wpa_supplicant/.
          There might be others.

could also be clear-text : smtp account password(s), network-manager saves connection passwords there, system backup passwords, mysql also has debian-sys-maint password. and there are probably more clear-text examples in /etc/

apart from clear-text passwords, most encryption keys for daemons are stored in /etc.

-/var? Eh, /var/spool/  may have mail and print jobs, at least for some
          time./var/log/  may contain sensitive stuff ...


+
/var/lib is mostly data.. mysql data, dns data, tor data, etc.

/var/backups ....

--

and yes, swap can be encrypted too, very very easily.

OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Complete system HDD encryption w/o LLVM.

Reply via email to